package com.etc.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.websocket.Session;

import com.etc.entity.Admin;
/**
 * 系统后台访问控制
 * @author Administrator
 *
 */
public class SessionFilter implements Filter {
	
	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		
		// 强制转换
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse res = (HttpServletResponse)response;
		
		// 通过session会话中的指定属性判断用户是否登录状态
		HttpSession session =  req.getSession();
		Object object = session.getAttribute("ADMIN_LOGIN");
		
		if (object!=null) { // 登录状态
			// 放行
			chain.doFilter(request, response);
		}else { // 未登录状态
			// 重定向回登录页面
			res.sendRedirect(req.getContextPath() + "/back/login.jsp");
		}
	}

	@Override
	public void destroy() {
		
	}
}
